Realistic dangers for average Joe?

If the following question seems ridiculously rookie-like, please forgive me... I, of course, am a rookie. I have a dsl connection, and generally leave the computer on all the time. Is there a realistic danger that by not having any security program that my pc could be compromised? It is not part of a home business, there is really nothing too personal on it (bank account numbers and such), and I don't think I really have anything that a hacker-type might be interested in. I play a fair amount of online games, so my IP is probably pretty visible (although I'm never the one hosting a server). Are random attacks for fun (some 10 year old pasty geek " seeing what he can do") common? Do people deliberately look for the "Average Joe" to get info? I think my fear is I'd hate to have my information fiddled with in such a way that I'd lose files (even though I back up onto CD fairly frequently). Any thoughts?

Apologies for not answering to your question. Since you are our 1000th registered member, we do have a nice bonus waiting for you: a fully registered copy from the top notch anti-trojan TDS3. Please contact me soon (email: webmaster@wilders.org ) in order to deal with the formalities.

Hi Audie! You have great luck! Your protection begins with the best antitrojan in the business! Yes you do need protection on the Net! Get a good solid Antivirus Program, one that comes with regular updates. There are freeware and payforware versions. You need an anti-spy/ad-ware program too. This is the right place to be. Wilders is all about Security.

So guys, what would you suggest he get, to get up and running protections?

I'm not sure what you're talking about, but did I really get something? I hope it's not some kind of forum joke on the noob... If it's for real, that sounds great (In the meantime, I'll contact the forum admin to see if it's true. I hope it is.)

I am pretty familiar with the need for anti-virus software, and have a fairly current version of Norton (which fairly frequently auto-updates), and I'm running Win ME as my OS, with IE as my browser. I never use Outlook for email (I don't even have it set up) but I do use it for newsgroups. As for the other security programs you've mentioned, I may have heard their names in passing, but have never used them. Not to sound completely obtuse, but I had felt that the people most at risk of problems are "known" entities/servers (Microsoft, Yahoo, banks, online shopping sites, etc.) rather than independant users. I guess I'm still wondering if it is very common for the average user with a semi-fixed IP (mine is not guaranteed, although the provider said it 'should' stay the same) to get zapped.

I have a feeling that popups from, shall we say, 'grown-up' sites, can and often do run strange little applets that screw with browser settings (adding things to your favorites without your knowledge/approval), and possibly get info from your email programs (like those net crawlers that get email addresses for spam), and quite often opening windows that apparently can't be closed (which I am afraid to click anything in, so I force-quit the application. Sometimes it won't even allow that!) I guess I'm wondering that rather than being just a nuisance, can these things possibly damage my hardware?

Another issue which I forsee; in what way will security programs affect my gaming. I have heard from quite a few people who can't run voice-comm software because they have an issue with their firewall. Likely it will also affect my interaction with a game host? (higher pings, lag...)

I'm not sure what you're talking about, but did I really get something? I hope it's not some kind of forum joke on the noob... If it's for real, that sounds great (In the meantime, I'll contact the forum admin to see if it's true. I hope it is.)

A good firewall for a newcomer would be Zone Alarm (free edition). As you learn more you may want to switch to ones with user-defined rulesets, but ZA will give you good protection until you're ready to progress. AVG is a reasonable anti-virus and free, as is Alert!Home. As Pete mentioned, Adaware is practically essential. TDS-3 is a beauty and you'll grow into it in no time. SpyBlocker will trap popups, web-based worms, cookies, scripts and advertisements (but it's 30 days free, payware after that) and you'll just have to install ID-Blocker to keep your anonymity. JAP is a freeware anonymous proxy, but most of all get The Proxomitron! That's free too - there's a lot a freeware out there written by good people with excellent intentions. There's a lot of good payware, too - but call here before spending your money since there are sharks out there too!

My head's spinning from all the info! Wow, I think I need to take baby steps here. When adding all this new security software, is a precondition that your pc is virus-free? I mean, that is what we all want, and I have no specific reason to think my computer is infected (although it has it's funny moments), and supposedly anti-virus protects from this, but of course there will always be the newest cutting edge workaround someone comes up with, which might already be on my computer. Should I go for a clean slate and start from scratch (re-formatting for example.)? I'm in no rush, and I plan to check into all these suggestions of programs first before adding or removing anything, these are just things that are coming to mind.

Zonealarm, as Checkout said, is good for Newbies, but not so good for online gamers. I am an avid online gamer myself, and Zonealarm has to be shut down completely for many of my games to play at all, much less get online. Of course more games work with ZA if you are never the server, but I am most always the server. I have also encountered many games (Ghost Recon, Empire Earth, for example) taht absolutely freeze when told to go "multiplayer" and Zonealarm is running. Sygate Personal Firewall is what I know use, and I have not changed around teh default settings; it is much better at "holding" a program while asking you if that program may access the internet.

I won't add to the plethora of information because these guys are great and will walk you through any tough spots along your way.

I just wanted to post some percentages on how I have been hit from the net. Being about in the same boat as you with an ISP that pretty much keeps my IP the same but does change like 2-3 times a year. I also play a few on-line games.

In the last 90 days I have had 295 Suspicious attacks and 2 Critical
If those two critical were not blocked it's very possible they could have done damage. That's people knocking at the door so to speak. You also should watch for trojans, it's the most common way a true hacker gets in. Best of luck to you!

Hmm, I came back to add something of interest. I have been hit by random IP's with in a range that is owned and run by some college here in the U.S.
This is most likely some kid that is learning in school and is out to try his hand, I know not if the intensions are evil. However I will never know as with a firewall I was able to block that entire range of IP's and no one from that college will be bothering me again!

Welcome Audie, communication software and online games should have no problems with "most" firewalls. Problems do arise when there is a lack of control to set the rules the way you like. Hardware firewalls/routers are far worse for causing problems with online games and voice over net progs.

My old vid-game clan members used to get really tired of me having issues with roger wilco and gamevoice. YTou probably know people like that!

ZA although a great first firewall (my first back when I had never heard of any other) but may not be perfect for your circumstances. Most people here know I am a big proponent for rules based firewalls as opposed to the aplication based firewalls like ZA, and this is a good example of when rules based firewalls shine. Unfortunately, these firewalls ARE more difficult to learn, but it will be worth it. My favorite firewall Kerio Personal Firewall found at http://www.kerio.com/us/kpf_home.html really isn't as hard to learn as some people say though, I'm sure you'll do fine. I think the hardest part is deciding which obscure system apps canhit the net and which ones can't. Some firewalls don't ask you, they have those apps's access rights preconfigured (and I hate that)

Congratulations and welcome, from one newbie to another.
As The Pretender wrote, this is one of the best sites for computer security info. I hear that TDS is about as good as it gets when it comes to Anti-Trojan programs. I would love to use it to supplement my BOClean (another excellent product) when I get sufficient funds. BOClean, BTW, is only a memory resident scanner, albeit a very good one.
Like Allan (Unicron), I am partial to rule-based firewalls. I use Kerio and have had no problems...really stable and light on computer resources. I used to use ZA free, but switched to Kerio because I like the greater flexibility and control that you get from a rule-based firewall. I didn't find Kerio that difficult to setup, and believe me, I am about as newbie as they get when it comes to computer security. I would suggest visiting www.dslreports.com, bring up the Kerio/Tiny forum and click on the FAQ link to get you started. I would also read the forum entries there, since there a lot of knowledgeable people there as well. There is also a users' group you can join at groups.yahoo.com/group/keriofirewall/ Hope this helps.

Audie - there are certain programs which are basically of the 'download/install/turn on and forget' variety which I have always found to be of great value across all platforms, due to their versatility.

spy1? Thanks for posting those links. Even I can benefit from them! You are a real trooper!
I have a link here that Audie (or anyone) can use to get some good advice about security needs. spy1 is probably familiar with TomCat.

http://www.tom-cat.com/security.html

It will help give you some idea of the scope of this subject along with good advice and (mostly) freeware help. They are a good outfit and do watchdogging for spyware etc.

They don't want what's ON your system...they want the system itself (CPU, disk space) AND the bandwidth of your CONNECTION.

So even if you have not important info, people want your PC so that they can turn it into a Warez server (serve up Gigs of pirated games/movies, etc..) to their friends.

OR...more importantly, they want to own your system so that they can use your power and bandwidth to blast (DDoS) people off the net they don't like.

2) I'm not running a public server (web, ftp, etc..) so hackers will never find me.

99% of system compromises occur through the use of automated worms..NOT hackers manually scanning IP addresses. Depending on the worm, there are literally 10's of thousands of worm-infected hosts on the net at any given time...each scanning 100s of IP addresses per SECOND.

For the most prolific worms (e.g. Code Red/Nimda) I estimate that all 4 Billion possible IP address combinations are attempted to be infected at least once every 4-8 HOURS. So if you plug a vulnerable box into the Net...I don't care if it is on a T1, cable, DSL, dialup, or unshielded twisted barbed wire...it will get hacked VERY quickly.

Worms that propagate through Microsoft Open File shares (the single biggest vulnerability on the net, IMHO) don't propagate quite as fast, but I predict they will be the next major "worm" issue as the number of system vunlerable to this kind of attack is in the millions.

The other biggie is XP's Universal Plug-n-play (uPNP)...it had a major vulnerability right out of the box and was enabled by default...they only thing saving us there is I don't think the hacker community has figure dout the details of the exploit so no one has written a worm to use it yet.

If you want to learn more about security, start paying reviewing your firewall logs and trying to understand what they mean (I try to facilitate that process with my log analysis/aggregation system http://www.mynetwatchman.com )